Description

This course bundle is aimed at both experts working within IT and/or those that have an extensive knowledge of IT technologies, including networking. It includes three expert level, globally recognised CompTIA cyber security certifications: 1. The CompTIA PenTest+ (Penetration Tester), 2. The CompTIA CySA+ (Cyber Security Analyst), 3. The CompTIA CASP+ (Certified Advanced Security Practitioner).

There is no denying that the level of cyber attacks have increased over the last decade. Some have affected small pockets of the world, whereas others have had more of a global impact. As the world becomes more interconnected through computer technology, the opportunity to steal data and disrupt lives has become more prevalent. There has never been a better time to become a Cyber Security Specialist than now. Demand for specialists continues to grow.

Who are CompTIA? Watch this video to find out.

The certification bundle starts off by looking at key security concepts such as threat assessment, threat management, controls, cryptography, and on-going management. From there, the course then becomes highly specialised exploring security architecture and design, encryption, software development security, and telecommunications and network security.

The Average Cyber Security Analyst Profile:

Average salaries for experienced cyber security professionals:

Senior Cyber Security Analyst: £67,500 p.a.

Cyber Security Manager: £80,000 p.a.

Cyber Security Incident Manager: £91,000 p.a.

Source: ITjobswatch

An example of the CompTIA CASP+ certification you can gain through this course.

Upon completion of the course, you will not only exit with a series of globally respected cyber security certifications, but a deeper knowledge of cyber security concepts, practices and tools to better equip you to manage and respond to cyber security issues. You will possess a set of skills you can apply to a vast range of cyber security job roles.

This bundle contains three CompTIA certification courses (inclusive of three official CompTIA exams). Click on a title to see a full breakdown of what you’ll be learning in each course.

As part of this bundle, you will also get access to a MeasureUP practice test for each certification course. Scroll down to read more about the MeasureUP practice tests and how they will help you pass your exams the first time.

• In this module, you will learn how to work with a client and prepare for a penetration testing
engagement. The topics are:
1. Penetration Testing Overview
• In this topic, you will learn what a penetration test is, the steps taken to prepare for a
pentest, tools used, communicating with the client and your team, and pen testing
standards and frameworks.
2. Engagement Planning
• In this topic, you will learn about the logistics of planning for a pentest engagement
including setting scope, determining end goals and deliverables, assessment types, threat
modeling, and scheduling.
3. Engagement Documents
• In this topic, you will learn about documentation required for a professional pentest
engagement including contracts, authorizations, rules of engagement, impact analysis,
disclaimers, and support resources.
4. Prepare to Go Live
• In this topic, you will prepare both the client and your team to start the actual test.

Module 2 – Passive Reconnaissance

In this module, you will learn how to gather background information on your target. The topic is:
1. OSINT
• In this topic, you will learn about passive reconnaissance through open source intelligence
gathering, including using websites, social media, Google hacking, DNS querying, and
other tools.
• Activities include using Whois, Google Hacking Database, theHarvester, Recon-ng, FOCA,
dig, nslookup, and Shodan.

Module 3 – Active Reconnaissance

In this module, you will learn how to actively search for targets. The topics are:
1. Host Discovery and Port Scanning
• In this topic, you will learn about the different tools and methods for discovering target
systems and the services they provide.
• Activities include using the command line, nmap, and Metasploit.
2. Enumeration
• In this topic, you will learn how to obtain additional information from network services,
Windows and Linux systems, as you prepare to exploit those systems.
• Activities include using Windows and Linux command line commands, nmap, netcat,
telnet, rpcclient, dirbuster, and Metasploit.
3. Vulnerability Scanning
• In this topic, you will use different types of scans including packet crafting to discover
exploitable vulnerabilities on hosts, websites, network services, and network devices.
• Activities include using OpenVAS, nmap NSE scripts, Metasploit Pro, sqlmap, Nikto,
MBSA, hping3, airmon-ng, aircrack-ng, Fern Wi-Fi Cracker, mdk3, and Kismet.

Module 4 – Physical Security

In this module, you will learn how to test physical security controls. The topic is:
1. Physical Security Tests
• In this topic, you will learn about ways to circumvent physical security controls to gain
access to restricted areas.
• Activities include RFID badge cloning

Module 5 – Social Engineering

In this topic, you will learn about social engineering. The topic is:
1. Social Engineering Attacks
• In this topic, you will learn how to execute both technical and non-technical social
engineering attacks.
• Activities include using msfvenom and Metasploit for USB stick baiting, and the Kali Social
Engineering Toolkit for website login cloning, phishing, and credential interception.

Module 6 – Vulnerability Scan Analysis

In this module, you will learn how to examine vulnerability scan results to choose the best exploit against
discovered targets. The topic is:
1. Vulnerability Scan Results
• In this topic, you will learn how to assess vulnerability scan results, weed out false
positives, adjudicate and prioritize findings, and map vulnerabilities to exploits. You will
also learn about both the value and limits of using automated vulnerability scans in your
pentest engagement.
• Activities include using Metasploit Pro to validate vulnerability scan findings and
determine the appropriate exploit modules that can be used to penetrate the
vulnerable systems.

Module 7 – Password Cracking

In this module, you will learn the basics of password cracking. The topic is:
1. Password Cracking Types
• In this topic, you will learn about dictionary, rainbow table, and brute force attacks. You
will learn how to brute force network service authentication, intercept a network
authentication, and pass-the-hash.
• Activities include using Medusa, John-the-Ripper, Wireshark, and Metasploit.
NOTE: You will learn additional password cracking techniques in subsequent modules.

In this module, you will learn how attack wireless networks. The topic is:
1. Wireless Network Exploits
• In this topic you will learn how to sniff and jam Wi-Fi networks, crack WEP, WPA/WPA2
and WPS, conduct Evil Twin attacks, and attack BlueTooth.
• Activities include using Netcut, Wireshark, and airmon-ng, besside-ng, bettercap, and
Wi-Fi Pumpkin.

Module 10 – Windows Exploits

In this module, you will learn how to exploit Windows hosts. The topics are:
1. Common Windows-Based Vulnerabilities
• In this topic you will learn about common Windows vulnerabilities, exploits, and
payloads.
• Activities include using Metasploit, the Searchsploit database, and command-line
commands.
2. Password Cracking in Windows
• In this topic, you will learn about cracking Windows passwords.
• Activities include using Cain & Abel, John-the-Ripper and L0pht 7
3. Windows Components
• In this topic, you will learn how to exploit standard Windows components including
default protocols and configurations, the file system, the kernel, and memory. You will
also learn how to leverage these components to escalate privilege on a compromised
host.
• Activities include using Metasploit and the Searchsploit database.
4. Windows Accounts
• In this topic you will learn how to exploit default and user-defined Windows accounts.
• Activities include using Metasploit and command-line commands.
5. Sandboxes
• In this topic, you will learn about using sandboxing to contain hacking attempts.

Module 11 – Linux Exploits

In this module, you will learn how to hack Linux systems. The topics are:
1. Common Linux/Unix-Based Vulnerabilities
• In this topic you will learn about common Linux vulnerabilities, exploits, and payloads.
• Activities include using Metasploit, the Searchsploit database, and command-line
commands.
2. Password Cracking in Linux
• In this topic you will learn how to crack Linux passwords.
• Activities include using command-line commands, unshadow, and John-the-Ripper.
3. Vulnerable Linux Components
• In this topic, you will learn how to exploit standard Linux components including default
protocols and configurations, the file system, the kernel, and memory. You will also
learn how to leverage these components to escalate privilege on a compromised host.
• Activities include using command-line commands, Metasploit and the Searchsploit
database.
4. Linux Accounts
• In this topic, you will learn how to attack default Linux accounts.
• Activities include using Linux bash commands.

Module 12 – Mobile Devices

In this module, you will learn how to attack mobile devices. The topics are:
1. Android Exploits
• In this topic, you will learn how to exploit common Android vulnerabilities
• Activities include using msfvenom and Metasploit to compromise and remotely control
an Android phone.
2. Apple Exploits
• In this topic, you will learn how to exploit common Apple vulnerabilities
• Activities include using nmap and WinSCP to access a compromised iPhone.

Module 13 – Specialized Systems

In this module, you will learn about specialized systems. The topics are:
1. ICS
• In this topic, you will learn about common vulnerabilities of industrial control ICS and
SCADA systems
2. Embedded Systems
• In this topic, you will learn about common vulnerabilities of embedded systems such as
point-of-sale and real-time operating systems
• Activities include using a Raspberry PI to attack an internal network.
3. 13.3 IoT
• In this topic, you will learn about common and emerging threats related to the Internet
of Things
4. 13.4 Hardware Attacks
• In this topic, you will learn about additional hardware-based attacks that can be
conducted against specialized systems.

Module 14 – Scripts

In this module, you will learn the basics of scripting, as pertains to penetration testing. The topics are:
1. Scripting Basics
• In this topic, you will learn about the basics of Bash, PowerShell, Python, and Ruby
scripting
2. Common Scripting Elements
• In this topic, you will learn about common scripting elements found in all of the scripting
languages including variables, substitution, arrays, operations, logic, and error handling.
• Activities include writing simple scripts.

Module 15 – Application Testing

In this module you will learn about testing application code for vulnerabilities. The topics are:
1. Static Code Analysis
• In this topic, you will learn how to analyze static, non-running code
2. Dynamic Code Analysis
• In this topic, you will learn how to test running code.
• Activity includes fuzz testing an application for potential buffer overflow vulnerabilities.
3. Reverse Engineering
• In this topic, you will learn about application reverse-engineering techniques including
de-compilation, disassembly, and debugging.

Module 16 – Web App Exploits

In this module, you will learn how to exploit web apps. The topics are:
1. Common Web Application Vulnerabilities
• In this topic, you will learn how to exploit authentication, authorization,
misconfigurations, browser sessions, and insecure code.
2. Injection Attacks
• In this topic, you will learn about various injection techniques.
• Activities include using a browser, sqlmap, and Metasploit to inject code and SQL
commands into a web app form.
3. Cross-Site Attacks
• In this topic, you will learn how to conduct Cross-Site Scripting and Cross-Site Request
Forgery attacks.
• Activities include using a browser and other tools to perform XSS attacks.
4. Other Web-Based Attacks
• In this topic, you will learn how to conduct other types of web-based attacks including
clickjacking, file inclusion, and webshells.

Module 17 – Lateral Movement

In this module, you will learn how to move around in a compromised network. The topic is:
1. Lateral Movement Techniques
• In this topic, you will learn how to use lateral movement techniques including migrating
malicious code to another process, pivoting, and using proxy chains.
• Activities include using Metasploit to migrate code and pivot through the target
network, and Armitage Team Server to pass control to another attacker.

Module 18 – Persistence

In this module, you will learn how to maintain control of a compromised system. The topics are:
1. Persistence Techniques
• In this topic, you will learn about common persistence techniques.
2. Backdoors
• In this topic, you will learn how to plant persistent back doors on a compromised
system.
• Activities include using ProRAT Trojan builder
3. Bind and Reverse Shells
• In this topic, you will learn the difference between bind and reverse shells, and when it
is appropriate to use either.
• Activities include using Metasploit to create bind and reverse connections to a
compromised target.
4. Netcat
• In this topic, you will learn how to use netcat to set up a persistent back door.
• Activities include using netcat to launch both bind and reverse shells.
5. Scheduled Tasks
• In this topic, you will learn how to maintain persistence through scheduled tasks.
• Activities include using the task scheduler to regularly launch a netcat session that
exfiltrates updated data out of the target and back to the attacker.

Module 19 – Cover Your Tracks

In this module, you will learn how to remove evidence of your hacking activities. The topic is:
1. Anti-forensics Techniques
• In this topic, you will learn how to hide malicious activity from a forensic investigator
• Activities include clearing logs, changing file timestamps, and impersonating another
user when conducting malicious activity.

Module 20 – The Report

In this module, you will learn how to analyze your pentest findings and write a report as the final
deliverable for your client. The topics are:
1. Data Analysis
• In this topic, you will categorize and prioritize the data you have collected during the
penetration test.
2. Recommendations
• In this topic, you will formulate recommendations for the client based on the data you
collected during the penetration test.
3. Writing the Report
• In this topic, you will normalize the data you have collected, and organize it into an
actionable report aimed at multiple audiences.
4. Handling the Report
• In this topic, you will securely hand over the report to your client.
• The activity includes examining real world report examples.

Module 21 – Post Engagement Cleanup

In this module, you will learn about the tasks you must perform after completing a professional
penetration test. The topic is:
1. Post Engagement Activities
• In this topic, you will learn about the cleanup tasks required after a typical pentest
engagement, including removing artifacts, client acceptance of the findings, lessons
learned, and follow up actions.

Module 1: Threat Management
1.1 Introduction
1.2 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 1
1.3 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 2
1.4 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 3
1.5 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 4
1.6 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 5
1.7 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 6
1.8 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 7
1.9 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 8
1.10 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes – Part 9
1.11 Given a scenario, analyze the results of a network reconnaissance – Part 1
1.12 Given a scenario, analyze the results of a network reconnaissance – Part 2
1.13 Given a scenario, analyze the results of a network reconnaissance – Part 3
1.14 Given a scenario, analyze the results of a network reconnaissance – Part 4
1.15 Given a scenario, analyze the results of a network reconnaissance – Part 5
1.16 Given a network-based threat, implement or recommend the appropriate response and countermeasure – Part 1
1.17 Given a network-based threat, implement or recommend the appropriate response and countermeasure – Part 2
1.18 Given a network-based threat, implement or recommend the appropriate response and countermeasure – Part 3
1.19 Given a network-based threat, implement or recommend the appropriate response and countermeasure – Part 4
1.20 Explain the purpose of practices used to secure a corporate environment – Part 1
1.21 Explain the purpose of practices used to secure a corporate environment – Part 2
1.22 Explain the purpose of practices used to secure a corporate environment – Part 3
1.23 Explain the purpose of practices used to secure a corporate environment – Part 4

Module 2: Vulnerability Management
2.1 Given a scenario, implement an information security vulnerability management process – Part 1
2.2 Given a scenario, implement an information security vulnerability management process – Part 2
2.3 Given a scenario, implement an information security vulnerability management process – Part 3
2.4 Given a scenario, implement an information security vulnerability management process – Part 4
2.5 Given a scenario, implement an information security vulnerability management process – Part 5
2.6 Given a scenario, implement an information security vulnerability management process – Part 6
2.7 Given a scenario, implement an information security vulnerability management process – Part 7
2.8 Given a scenario, analyze the output resulting from a vulnerability scan – Part 1
2.9 Given a scenario, analyze the output resulting from a vulnerability scan – Part 2
2.10 Compare and contrast common vulnerabilities found in the following targets within an organization – Part 1
2.11 Compare and contrast common vulnerabilities found in the following targets within an organization – Part 2
2.12 Compare and contrast common vulnerabilities found in the following targets within an organization – Part 3

Module 3: Cyber Incident Response
3.1 Given a scenario, distinguish threat data or behavior to determine the impact of an incident – Part 1
3.2 Given a scenario, distinguish threat data or behavior to determine the impact of an incident – Part 2
3.3 Given a scenario, distinguish threat data or behavior to determine the impact of an incident – Part 3
3.4 Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation – Part 1
3.5 Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation – Part 2
3.6 Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation – Part 3
3.7 Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation – Part 4
3.8 Given a scenario, prepare a toolkit and use appropriate forensic tools during an investigation – Part 5
3.9 Explain the importance of communications during the incident response process
3.10 Given a scenario, analyze common symptoms to select the best course of action to support incident response – Part 1
3.11 Given a scenario, analyze common symptoms to select the best course of action to support incident response – Part 2
3.12 Given a scenario, analyze common symptoms to select the best course of action to support incident response – Part 3
3.13 Given a scenario, analyze common symptoms to select the best course of action to support incident response – Part 4
3.14 Summarize the incident recovery and post-incident response process – Part 1
3.15 Summarize the incident recovery and post-incident response process – Part 2
3.16 Summarize the incident recovery and post-incident response process – Part 3
3.17 Summarize the incident recovery and post-incident response process – Part 4

Module 4: Security Architecture and Tool Sets
4.1 Explain the relationship between frameworks, common policies, controls, and procedures – Part 1
4.2 Explain the relationship between frameworks, common policies, controls, and procedures – Part 2
4.3 Explain the relationship between frameworks, common policies, controls, and procedures – Part 3
4.4 Explain the relationship between frameworks, common policies, controls, and procedures – Part 4
4.5 Given a scenario, use data to recommend remediation of security issues related to identity and access management – Part 1
4.6 Given a scenario, use data to recommend remediation of security issues related to identity and access management – Part 2
4.7 Given a scenario, use data to recommend remediation of security issues related to identity and access management – Part 3
4.8 Given a scenario, use data to recommend remediation of security issues related to identity and access management – Part 4
4.9 Given a scenario, review security architecture and make recommendations to implement compensating controls – Part 1
4.10 Given a scenario, review security architecture and make recommendations to implement compensating controls – Part 2
4.11 Given a scenario, review security architecture and make recommendations to implement compensating controls – Part 3
4.12 Given a scenario, use applications security best practices while participating in the Software Development Life Cycle (SDLC) – Part 1
4.13 Given a scenario, use applications security best practices while participating in the Software Development Life Cycle (SDLC) – Part 2
4.14 Overview
4.15 Conclusion

Instant, drill-down score reports tell you exactly the areas to focus on

Watch this video to learn more about MeasureUP practice tests.

Course access period: 12 months online access

Salary and job prospect information

We use two excellent third-party resources to allow you to check your earning potential and job prospects before starting this course.

The first is IT JobsWatch, which allows you to check what employers are paying people on average with specific certifications, such as the ones contained in this bundle. Click here and enter the name of the certification you would like to see salary information on. Remember to check the earning potential for all the certifications in the bundle, especially the more advanced ones as these will offer the highest salary.

The second is Payscale, which also does the above, but allows you to see what types of job titles are paying more based around the certification you enquire about. Click here and enter the name of the certification you would like to see salary and job title information on. Again, remember to check the earning potential for all the certifications in the bundle, especially the more advanced ones as these will provide information on higher level job roles. Although some higher level roles may require experience, the information will give you an idea of future earning potential and career prospects.

What career paths are available to me through this course?

Cyber Security Engineer

Cyber Security Analyst

Cyber Security Investigator

Cyber Security Architect

Cyber Security Incident Manager

Cyber Threat Analyst

Cyber Threat Consultant

IT Security Specialist

IT Security Consultant

How is each course taught?

All courses are online and self-paced, meaning you do it in your own home, in your own time, at your own pace and best of all… any where in the world, providing you have access to a laptop, PC or desktop computer, and an internet connection. Each lesson is pre-recorded allowing you to pause, fast-forward, skip sections, or go back to another lesson if you need to. The lessons are multi-media based, which means video and audio are used to teach the lessons. Your tutor will PowerPoint slides, illustrations, diagrams and give demonstrations to teach each class. Most lessons are also interactive, prompting the learner to participate. This might involve answering on-screen questions, participating in tasks.

How long will it take me to complete each course?

As mentioned above, our courses are self-paced. Some people finish their course faster than others. Each certification course is between 20-40 hours. If you choose to only do one of the certification courses from this bundle, then it will take you less time than if you do two or three or all of them. No matter what though, you will always have 12 months to complete your course.

What do I need?

All you need is an internet connection and a device, such as a smart phone, tablet, laptop or PC, and an internet connection. To get the most out of the course, we recommend you access it using either a laptop or desktop computer through Google Chrome.

Course Features

With Hudson’s e-learning system, certification has never been simpler! You can be starting your IT career or taking your current IT skills to the next level in just a few short weeks. Our learning system gives you all of the benefits of a live class at just a fraction of the cost. Courses include:

Expert Instructor-Led Training

We only use the industry’s finest instructors in the IT industry. They have a minimum of 15 years real-world experience and are subject matter experts in their fields. Unlike a live class, you can fast-forward, repeat or rewind all your lectures. This creates a personal learning experience and gives you all the benefit of hands-on training with the flexibility of doing it around your schedule 24/7.

Visual Demonstrations & Multimedia Presentations

Our courseware includes instructor-led demonstrations and visual presentations that allow students to develop their skills based on real world scenarios explained by the instructor. We always focus on real world scenarios and skill-set development.

Quizzes & Exam Simulators

Our custom practice exams prepare you for your exams differently and more effectively than the traditional exam preps on the market. You will have practice quizzes after each module to ensure you are confident on the topic you have completed before proceeding.

This will allow you to gauge your effectiveness before moving to the next module in your course. Hudson courses also include practice exams designed to replicate and mirror the environment in the testing center. These exams are on average 100 questions to ensure you are 100% prepared before taking your certification exam.

Social Learning & Networking

Hudson has designed a world class Learning Management System (LMS) This system allows you to interact and collaborate with other students and staff, form study groups, engage in discussions in our [email protected] Forums, rate and “like” different courses and stay up to date with all the latest industry knowledge through our forums, student contributions and announcement features. This LMS is unmatched in the industry and makes learning fun and enjoyable.

Flash Cards & Educational Games

Hudson knows that education is not a one size fits all approach. Students learn in different ways through different tools. That is why we provide Flash Cards and Education Games throughout our courses. This will allow you to train in ways that keep you engaged and focused. Each course will have dozens of Flash Cards so you can sharpen your skill-sets throughout your training as well as educational games designed to make sure your retention level of the materials is extremely high.

Navigation & Controls

Hudson’s self-paced training programs are designed in a modular fashion to allow you the flexibility to work with expert level instruction anytime 24/7. All courses are arranged in defined sections with navigation controls allowing you to control the pace of your training. This allows students to learn at their own pace around their schedule.

Add experience to your CV with Live Labs

If you’re looking to get ahead of the crowd and don’t have any technical experience, then you might want to consider adding live labs to your course. Because many IT jobs take place at the virtual level (i.e. behind a keyboard and mouse), the experience you’ll gain through a live lab is very similar to experience you’ll gain in the workplace. Consequently many employers regard live lab experience as a valued asset on a CV.

Live labs are also a great tool for experienced technicians as they allow individuals to put their newly acquired course skills to practice. To find out more about our range of live labs, including costs, and how they can enhance your skills, click here.

Non-cancellation of course

Please note that this course is not covered by our standard 7 day guarantee/cancellation/refund policy.